[asterisk-bugs] [JIRA] (ASTERISK-29241) pjsip / register: wrong port used in Contact and Via if multiple transports are defined.
Michael Maier (JIRA)
noreply at issues.asterisk.org
Sun Jan 10 16:58:18 CST 2021
[ https://issues.asterisk.org/jira/browse/ASTERISK-29241?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Michael Maier updated ASTERISK-29241:
-------------------------------------
Description:
Define some transports:
CLI> pjsip show transports
{code}
Transport: <TransportId........> <Type> <cos> <tos> <BindAddress....................>
==========================================================================================
Transport: 0.0.0.0-tls tls 3 184 0.0.0.0:5061
Transport: 0.0.0.0-tls2 tls 3 184 0.0.0.0:5062
Transport: 0.0.0.0-tls3 tls 3 184 0.0.0.0:5063
Transport: 0.0.0.0-udp udp 3 184 0.0.0.0:5060
{code}
The 3 TLS transports are added to different trunk configuration. 2 examples:
{code}
CLI> pjsip show registration telekomPJSIP-001
<Registration/ServerURI..............................> <Auth..........> <Status.......>
==========================================================================================
telekomPJSIP-001/sip:tel.t-online.de telekomPJSIP-001 Registered
ParameterName : ParameterValue
============================================================
auth_rejection_permanent : true
client_uri : sip:+49... at tel.t-online.de
contact_header_params :
contact_user : +49...
endpoint : telekomPJSIP-001
expiration : 660
fatal_retry_interval : 0
forbidden_retry_interval : 10
line : true
max_retries : 10000
outbound_auth : telekomPJSIP-001
outbound_proxy :
retry_interval : 60
server_uri : sip:tel.t-online.de
support_mediasec : true
support_outbound : no
support_path : false
transport : 0.0.0.0-tls
CLI> pjsip show registration telekomPJSIP-002
<Registration/ServerURI..............................> <Auth..........> <Status.......>
==========================================================================================
telekomPJSIP-002/sip:tel.t-online.de telekomPJSIP-002 Registered
ParameterName : ParameterValue
=============================================================
auth_rejection_permanent : true
client_uri : ...
contact_header_params :
contact_user : ...
endpoint : telekomPJSIP-002
expiration : 660
fatal_retry_interval : 0
forbidden_retry_interval : 10
line : true
max_retries : 10000
outbound_auth : telekomPJSIP-002
outbound_proxy :
retry_interval : 60
server_uri : sip:tel.t-online.de
support_mediasec : true
support_outbound : no
support_path : false
transport : 0.0.0.0-tls2
CLI> pjsip show endpoint telekomPJSIP-001
Endpoint: telekomPJSIP-001 Not in use 0 of inf
OutAuth: telekomPJSIP-001/+49...
Aor: telekomPJSIP-001 0
Contact: telekomPJSIP-001/sip:+49... at tel.t-o 88c72b9045 Avail 13.944
Transport: 0.0.0.0-tls tls 3 184 0.0.0.0:5061
Identify: telekomPJSIP-001/telekomPJSIP-001
Match: 127.0.0.10/32
CLI> pjsip show endpoint telekomPJSIP-002
Endpoint: telekomPJSIP-002 Not in use 0 of inf
OutAuth: telekomPJSIP-002/+49...
Aor: telekomPJSIP-002 0
Contact: telekomPJSIP-002/sip:+49... at tel.t- 7f03d717f5 Avail 13.425
Transport: 0.0.0.0-tls2 tls 3 184 0.0.0.0:5062
Identify: telekomPJSIP-002/telekomPJSIP-002
Match: 127.0.0.10/32
[root at myfw ~]# netstat -n | grep 506
tcp 0 0 3.2.1.5:53527 217.0.20.195:5061 ESTABLISHED
tcp 0 0 3.2.1.5:49161 217.0.20.195:5061 ESTABLISHED
tcp 0 0 3.2.1.5:56727 217.0.20.195:5061 ESTABLISHED
I verified via tcpdump, that each Register now uses its own connection.
Next, I checked the Register packets - to telekomPJSIP-001, e.g:
Via: SIP/2.0/TLS 3.2.1.5:5062;rport;branch=...
^^^^
Contact: <sip:+49... at 3.2.1.5:5062;transport=TLS;line=...>
^^^^
{code}
=> this should be 5061 (because of transport 0.0.0.0-tls which refers to 5061) - not 5062 ...
=> It turns out, that *all* Registers of all trunks are using port 5062 now. Why that? 5061 and 5063 is ignored completely.
Error can be seen in log and is printed by pjsip_message_filter.c:
{code}
static pj_status_t filter_on_tx_message(pjsip_tx_data *tdata)
...
ast_debug(5, "Re-wrote Contact URI host/port to %.*s:%d (this may be re-written again later)\n",
(int)pj_strlen(&uri->host), pj_strbuf(&uri->host), uri->port);
{code}
I didn't test with 18.1.x - but I guess that it could behave the same way.
was:
Define some transports:
CLI> pjsip show transports
{code}
Transport: <TransportId........> <Type> <cos> <tos> <BindAddress....................>
==========================================================================================
Transport: 0.0.0.0-tls tls 3 184 0.0.0.0:5061
Transport: 0.0.0.0-tls2 tls 3 184 0.0.0.0:5062
Transport: 0.0.0.0-tls3 tls 3 184 0.0.0.0:5063
Transport: 0.0.0.0-udp udp 3 184 0.0.0.0:5060
{code}
The 3 TLS transports are added to different trunk configuration. 2 examples:
{code}
CLI> pjsip show registration telekomPJSIP-001
<Registration/ServerURI..............................> <Auth..........> <Status.......>
==========================================================================================
telekomPJSIP-001/sip:tel.t-online.de telekomPJSIP-001 Registered
ParameterName : ParameterValue
============================================================
auth_rejection_permanent : true
client_uri : sip:+49... at tel.t-online.de
contact_header_params :
contact_user : +49...
endpoint : telekomPJSIP-001
expiration : 660
fatal_retry_interval : 0
forbidden_retry_interval : 10
line : true
max_retries : 10000
outbound_auth : telekomPJSIP-001
outbound_proxy :
retry_interval : 60
server_uri : sip:tel.t-online.de
support_mediasec : true
support_outbound : no
support_path : false
transport : 0.0.0.0-tls
CLI> pjsip show registration telekomPJSIP-002
<Registration/ServerURI..............................> <Auth..........> <Status.......>
==========================================================================================
telekomPJSIP-002/sip:tel.t-online.de telekomPJSIP-002 Registered
ParameterName : ParameterValue
=============================================================
auth_rejection_permanent : true
client_uri : ...
contact_header_params :
contact_user : ...
endpoint : telekomPJSIP-002
expiration : 660
fatal_retry_interval : 0
forbidden_retry_interval : 10
line : true
max_retries : 10000
outbound_auth : telekomPJSIP-002
outbound_proxy :
retry_interval : 60
server_uri : sip:tel.t-online.de
support_mediasec : true
support_outbound : no
support_path : false
transport : 0.0.0.0-tls2
CLI> pjsip show endpoint telekomPJSIP-001
Endpoint: telekomPJSIP-001 Not in use 0 of inf
OutAuth: telekomPJSIP-001/+49...
Aor: telekomPJSIP-001 0
Contact: telekomPJSIP-001/sip:+49... at tel.t-o 88c72b9045 Avail 13.944
Transport: 0.0.0.0-tls tls 3 184 0.0.0.0:5061
Identify: telekomPJSIP-001/telekomPJSIP-001
Match: 127.0.0.10/32
CLI> pjsip show endpoint telekomPJSIP-002
Endpoint: telekomPJSIP-002 Not in use 0 of inf
OutAuth: telekomPJSIP-002/+49...
Aor: telekomPJSIP-002 0
Contact: telekomPJSIP-002/sip:+49... at tel.t- 7f03d717f5 Avail 13.425
Transport: 0.0.0.0-tls2 tls 3 184 0.0.0.0:5062
Identify: telekomPJSIP-002/telekomPJSIP-002
Match: 127.0.0.10/32
[root at myfw ~]# netstat -n | grep 506
tcp 0 0 3.2.1.5:53527 217.0.20.195:5061 ESTABLISHED
tcp 0 0 3.2.1.5:49161 217.0.20.195:5061 ESTABLISHED
tcp 0 0 3.2.1.5:56727 217.0.20.195:5061 ESTABLISHED
I verified via tcpdump, that each Register now uses its own connection.
Next, I checked the Register packets - to telekomPJSIP-001, e.g:
Via: SIP/2.0/TLS 3.2.1.5:5062;rport;branch=...
^^^^
Contact: <sip:+49... at 3.2.1.5:5062;transport=TLS;line=...>
^^^^
{code}
=> this should be 5061 (because of transport 0.0.0.0-tls which refers to 5061) - not 5062 ...
=> It turns out, that *all* Registers of all trunks are using port 5062 now. Why that? 5061 and 5063 is ignored completely.
Error can be seen in log and is print by pjsip_message_filter.c:
{code}
static pj_status_t filter_on_tx_message(pjsip_tx_data *tdata)
...
ast_debug(5, "Re-wrote Contact URI host/port to %.*s:%d (this may be re-written again later)\n",
(int)pj_strlen(&uri->host), pj_strbuf(&uri->host), uri->port);
{code}
I didn't test with 18.1.x - but I guess that it could behave the same way.
> pjsip / register: wrong port used in Contact and Via if multiple transports are defined.
> ----------------------------------------------------------------------------------------
>
> Key: ASTERISK-29241
> URL: https://issues.asterisk.org/jira/browse/ASTERISK-29241
> Project: Asterisk
> Issue Type: Bug
> Security Level: None
> Components: Resources/res_pjsip_outbound_registration
> Affects Versions: 18.0.1
> Environment: CentOS 7 x86_64
> Reporter: Michael Maier
> Severity: Minor
>
> Define some transports:
> CLI> pjsip show transports
> {code}
> Transport: <TransportId........> <Type> <cos> <tos> <BindAddress....................>
> ==========================================================================================
> Transport: 0.0.0.0-tls tls 3 184 0.0.0.0:5061
> Transport: 0.0.0.0-tls2 tls 3 184 0.0.0.0:5062
> Transport: 0.0.0.0-tls3 tls 3 184 0.0.0.0:5063
> Transport: 0.0.0.0-udp udp 3 184 0.0.0.0:5060
> {code}
> The 3 TLS transports are added to different trunk configuration. 2 examples:
> {code}
> CLI> pjsip show registration telekomPJSIP-001
> <Registration/ServerURI..............................> <Auth..........> <Status.......>
> ==========================================================================================
> telekomPJSIP-001/sip:tel.t-online.de telekomPJSIP-001 Registered
> ParameterName : ParameterValue
> ============================================================
> auth_rejection_permanent : true
> client_uri : sip:+49... at tel.t-online.de
> contact_header_params :
> contact_user : +49...
> endpoint : telekomPJSIP-001
> expiration : 660
> fatal_retry_interval : 0
> forbidden_retry_interval : 10
> line : true
> max_retries : 10000
> outbound_auth : telekomPJSIP-001
> outbound_proxy :
> retry_interval : 60
> server_uri : sip:tel.t-online.de
> support_mediasec : true
> support_outbound : no
> support_path : false
> transport : 0.0.0.0-tls
> CLI> pjsip show registration telekomPJSIP-002
> <Registration/ServerURI..............................> <Auth..........> <Status.......>
> ==========================================================================================
> telekomPJSIP-002/sip:tel.t-online.de telekomPJSIP-002 Registered
> ParameterName : ParameterValue
> =============================================================
> auth_rejection_permanent : true
> client_uri : ...
> contact_header_params :
> contact_user : ...
> endpoint : telekomPJSIP-002
> expiration : 660
> fatal_retry_interval : 0
> forbidden_retry_interval : 10
> line : true
> max_retries : 10000
> outbound_auth : telekomPJSIP-002
> outbound_proxy :
> retry_interval : 60
> server_uri : sip:tel.t-online.de
> support_mediasec : true
> support_outbound : no
> support_path : false
> transport : 0.0.0.0-tls2
> CLI> pjsip show endpoint telekomPJSIP-001
> Endpoint: telekomPJSIP-001 Not in use 0 of inf
> OutAuth: telekomPJSIP-001/+49...
> Aor: telekomPJSIP-001 0
> Contact: telekomPJSIP-001/sip:+49... at tel.t-o 88c72b9045 Avail 13.944
> Transport: 0.0.0.0-tls tls 3 184 0.0.0.0:5061
> Identify: telekomPJSIP-001/telekomPJSIP-001
> Match: 127.0.0.10/32
> CLI> pjsip show endpoint telekomPJSIP-002
> Endpoint: telekomPJSIP-002 Not in use 0 of inf
> OutAuth: telekomPJSIP-002/+49...
> Aor: telekomPJSIP-002 0
> Contact: telekomPJSIP-002/sip:+49... at tel.t- 7f03d717f5 Avail 13.425
> Transport: 0.0.0.0-tls2 tls 3 184 0.0.0.0:5062
> Identify: telekomPJSIP-002/telekomPJSIP-002
> Match: 127.0.0.10/32
> [root at myfw ~]# netstat -n | grep 506
> tcp 0 0 3.2.1.5:53527 217.0.20.195:5061 ESTABLISHED
> tcp 0 0 3.2.1.5:49161 217.0.20.195:5061 ESTABLISHED
> tcp 0 0 3.2.1.5:56727 217.0.20.195:5061 ESTABLISHED
> I verified via tcpdump, that each Register now uses its own connection.
> Next, I checked the Register packets - to telekomPJSIP-001, e.g:
> Via: SIP/2.0/TLS 3.2.1.5:5062;rport;branch=...
> ^^^^
> Contact: <sip:+49... at 3.2.1.5:5062;transport=TLS;line=...>
> ^^^^
> {code}
> => this should be 5061 (because of transport 0.0.0.0-tls which refers to 5061) - not 5062 ...
> => It turns out, that *all* Registers of all trunks are using port 5062 now. Why that? 5061 and 5063 is ignored completely.
> Error can be seen in log and is printed by pjsip_message_filter.c:
> {code}
> static pj_status_t filter_on_tx_message(pjsip_tx_data *tdata)
> ...
> ast_debug(5, "Re-wrote Contact URI host/port to %.*s:%d (this may be re-written again later)\n",
> (int)pj_strlen(&uri->host), pj_strbuf(&uri->host), uri->port);
> {code}
> I didn't test with 18.1.x - but I guess that it could behave the same way.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
More information about the asterisk-bugs
mailing list